CVE-2022-28886
First published: Fri Sep 23 2022(Updated: )
A Denial-of-Service vulnerability was discovered in the F-Secure and WithSecure products where aerdl.so/aerdl.dll may go into an infinite loop when unpacking PE files. It is possible that this can crash the scanning engine
Credit: cve-notifications-us@f-secure.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| F-secure Cloud Protection For Salesforce | ||
| F-secure Collaboration Protection | ||
| F-secure Elements Endpoint Protection | ||
| F-secure Internet Gatekeeper | ||
| F-Secure Linux Security |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this Denial-of-Service vulnerability?
The vulnerability ID of this Denial-of-Service vulnerability is CVE-2022-28886.
Which products are affected by this vulnerability?
The F-Secure and WithSecure products affected by this vulnerability include F-secure Cloud Protection For Salesforce, F-secure Collaboration Protection, F-secure Elements Endpoint Protection, F-secure Internet Gatekeeper, and F-Secure Linux Security.
What is the severity rating of CVE-2022-28886?
The severity rating of CVE-2022-28886 is medium, with a severity value of 5.5.
How can this vulnerability be exploited?
This vulnerability can be exploited by causing the aerdl.so/aerdl.dll file to go into an infinite loop when unpacking PE files, which may crash the scanning engine.
Are there any references for this vulnerability?
Yes, you can find references for this vulnerability at the following URLs: - F-Secure Security Advisories: https://www.f-secure.com/en/business/support-and-downloads/security-advisories - WithSecure Security Advisories: https://www.withsecure.com/en/support/security-advisories